#ifndef __libauthclient_authclient_h
#define __libauthclient_authclient_h 1

#include <curl/curl.h>

struct auth_client;
typedef struct auth_client* auth_client_t;

#define AC_OK                           0
#define AC_ERR_AUTHENTICATION_FAILURE  -1
#define AC_ERR_OTP_REQUIRED            -2
#define AC_ERR_BAD_RESPONSE            -3
#define AC_ERR_CURL_BASE             -100
#define auth_client_err_to_curl(e)     ((e)-(AC_ERR_CURL_BASE))
#define auth_client_err_from_curl(e)   ((AC_ERR_CURL_BASE)-(e))

auth_client_t auth_client_new(const char *service, const char *server);
void auth_client_free(auth_client_t ac);
const char *auth_client_strerror(int err);
void auth_client_set_certificate(auth_client_t ac,
                                 const char *ca_file,
                                 const char *crt_file,
                                 const char *key_file);
int auth_client_authenticate(auth_client_t ac,
                             const char *username,
                             const char *password,
                             const char *otp_token,
                             const char *source_ip);

#endif